Verifying BitLocker recovery key of Azure endpoint device

Zeeshan Bute 95 Reputation points
2024-06-13T06:08:53.0233333+00:00

Hi,

What's the process to verify whether the BitLocker recovery key of an endpoint device on Azure is correct or not?

Thanks

ZB

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,145 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,909 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,714 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,520 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Hania Lian 11,021 Reputation points Microsoft Vendor
    2024-06-13T06:24:52.72+00:00

    Hello,

    To verify whether the BitLocker recovery key of an endpoint device on Azure is correct, you can follow these steps:

    1. Log in to the Microsoft Endpoint Manager admin center as a Global Admin.
    2. Navigate to Devices > All devices.
    3. Search for your device by its label or name.
    4. Click on the device to view its details.
    5. In the Monitor session, look for the Recovery keys option.
    6. Click on Recovery keys to view and verify the BitLocker recovery key.

    Best Regards,

    Hania

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.


  2. Pavel yannara Mirochnitchenko 12,411 Reputation points MVP
    2024-06-14T06:08:19.89+00:00

    In Event Viewer you can see what is happening with the Bitlocker encryption and taking the keys to EntraID by going to;

    Applications and Services Logs->Microsoft->Windows->**Bitlocker-API
    **
    Those events should reveal you any problems you have with policies or hardware or connection to EntraID or AD :)